HORPO with Computability Closure 
A Reconstruction 



Frederic Blanqui (1), Jean-Pierre Jouannaud (2), and Albert Rubio (3)

(1) INRIA & LORIA, Protheo team, Campus Scientifique, BP 239, 54506
Vandoeuvre-les-Nancy Cedex, France
(2) LIX, Ecole Polytechnique, 91400 Palaiseau, France
(3) Technical University of Catalonia, Pau Gargallo 5, 08028 Barcelona, Spain



Abstract. This paper provides a new, decidable definition of the
higher-order recursive path ordering in which type comparisons are made
only when needed, therefore eliminating the need for the computability
closure, and bound variables are handled explicitly, making it possible
to handle recursors for arbitrary strictly positive inductive types.



1 Introduction 

The Higher-order Recursive Path ordering was first introduced in [3].
The goal was to provide a tool for showing strong normalization of
simply typed lambda calculi in which higher-order constants were
defined by higher-order recursive rules using plain pattern matching.
Inspired by Dershowitz's recursive path ordering for first-order
terms, comparing two terms started by comparing their types under
a given congruence generated by equating given basic types, before
proceeding recursively on the structure of the compared terms. In [4],
the type discipline was generalized to a polymorphic type discipline
with type constructors, the congruence on types was replaced by a
well-founded quasi-ordering on types (in practice, a restriction of the
recursive path ordering on types), and the recursive definition itself
could handle new cases. There were two variants of the subterm case:
in the first, following the recursive path ordering tradition, a subterm
of the left-hand side was compared with the whole right-hand side;
in the second, a term belonging to the computability closure of the
left-hand side was used instead of a subterm. And indeed, a subterm
is the basic case of the computability closure construction, whose
fixpoint definition included various operations under which Tait and
Girard's notion of computability is closed. The ordering and the
computability closure definitions shared a lot in common, raising some
expectations for a simpler and yet more expressive definition able to
handle inductive types, as advocated in [2]. This paper meets these
expectations (and goes indeed much further) with a new definition of
HORPO that improves over the previous one [4] in several respects:

1. There is a single decidable recursive definition, instead of a pair 
of mutually inductive definitions for the computability closure 
and the ordering itself; 

2. In contrast with the definition of HORPO with computability
closure, the new definition is decidable and syntax-directed (except,
as usual, for the subterm case);

3. Type checking applies only when really needed, that is, when the 
comparison does not follow from computability arguments; 

4. Bound variables are handled explicitly by the ordering, allowing 
for arbitrary abstractions in the right-hand sides; 

5. Strictly positive inductive types are accommodated;

6. There is no need for flattening applications on the right-hand 
side. 

This new definition appears to be powerful enough to prove strong 
normalization of recursors for arbitrary strictly positive inductive 
types. The two major technical innovations which make it possible 
are the integration of the computability closure within the ordering 
definition on the one hand, and the explicit handling of binders on 
the other hand. This integration of the computability closure is not 
obtained by adding new cases in the definition, as was suggested 
in [2], but instead by eliminating from the previous definition the 
unnecessary type checks. 

2 Higher-Order Algebras

Polymorphic higher-order algebras are introduced in [4]. Their purpose
is twofold: to define a simple framework in which many-sorted
algebra and typed lambda-calculus coexist; to allow for polymorphic
types for both algebraic constants and lambda-calculus expressions.
For the sake of simplicity, we will restrict ourselves to monomorphic
types in this presentation, but allow ourselves polymorphic examples.
Carrying out the polymorphic case is no more difficult, but surely
more painful.

Given a set $S$ of sort symbols of a fixed arity, denoted by $s : *^n \to *$,
the set of types is generated by the constructor $\to$ for functional
types:

$$\mathcal{T}_S := s(\mathcal{T}_S^n) \mid \mathcal{T}_S \to \mathcal{T}_S \qquad \text{for } s : *^n \to * \in S$$

Types are functional when headed by the $\to$ symbol, and data
types otherwise. $\to$ associates to the right. We use $\sigma, \tau, \rho, \theta$ for
arbitrary types.

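Function symbols are meant to be algebraic operators equipped
with a fixed number $n$ of arguments (called the arity) of respective
types $\sigma_1, \ldots, \sigma_n$, and an output type $\sigma$. Let
$\mathcal{F} = \biguplus_{\sigma_1, \ldots, \sigma_n, \sigma} \mathcal{F}_{\sigma_1 \times \ldots \times \sigma_n \to \sigma}$.
The membership of a given function symbol $f$ to $\mathcal{F}_{\sigma_1 \times \ldots \times \sigma_n \to \sigma}$ is
called a type declaration and written $f : \sigma_1 \times \ldots \times \sigma_n \to \sigma$.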

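The set $\mathcal{T}(\mathcal{F}, \mathcal{X})$ of raw algebraic λ-terms is generated from the
signature $\mathcal{F}$ and a denumerable set $\mathcal{X}$ of variables according to the
grammar:

$$\mathcal{T} := \mathcal{X} \mid (\lambda \mathcal{X} : \mathcal{T}_S . \mathcal{T}) \mid @(\mathcal{T}, \mathcal{T}) \mid \mathcal{F}(\mathcal{T}, \ldots, \mathcal{T}).$$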

The raw term $\lambda x : \sigma.u$ is an abstraction and is an application.
We may omit $\sigma$ in $\lambda x : \sigma.u$ and write $@(u, v_1, \ldots, v_n)$ or
$u(v_1, \ldots, v_n)$, $n > 0$, omitting applications. $Var(t)$ is the set of free
variables of $t$. A raw term $t$ is ground if $Var(t) = \emptyset$. The notation $\overline{s}$
shall be ambiguously used for a list, a multiset, or a set of raw terms
$s_1, \ldots, s_n$.

Raw terms are identified with finite labeled trees by considering
$\lambda x : \sigma.u$, for each variable $x$ and type $\sigma$, as a unary function symbol
taking $u$ as argument to construct the raw term $\lambda x : \sigma.u$. Positions
are strings of positive integers. $t|_p$ denotes the subterm of $t$ at position
$p$. We use $t \unrhd t|_p$ for the subterm relationship. The result of replacing
$t|_p$ at position $p$ in $t$ by $u$ is written $t[u]_p$.

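An environment $\Gamma$ is a finite set of pairs written as $\{x_1 : \sigma_1, \ldots, x_n : \sigma_n\}$,
where $x_i$ is a variable, $\sigma_i$ is a type, and $x_i \neq x_j$ for $i \neq j$. Our
typing judgements are written as $\Gamma \vdash_\Sigma s : \sigma$. A raw term $s$ has type
$\sigma$ in the environment $\Gamma$ if the judgement $\Gamma \vdash_\Sigma s : \sigma$ is provable
in the inference system given in Figure 1. An important property of
our type system is that a raw term typable in a given environment
has a unique type.

Variables:

$$\frac{x : \sigma \in \Gamma}{\Gamma \vdash_\Sigma x : \sigma}$$

Functions:

$$\frac{f : \sigma_1 \times \ldots \times \sigma_n \to \sigma \in \mathcal{F} \qquad \Gamma \vdash_\Sigma t_1 : \sigma_1 \;\ldots\; \Gamma \vdash_\Sigma t_n : \sigma_n}{\Gamma \vdash_\Sigma f(t_1, \ldots, t_n) : \sigma}$$

Abstraction:

$$\frac{\Gamma \cdot \{x : \sigma\} \vdash_\Sigma t : \tau}{\Gamma \vdash_\Sigma (\lambda x : \sigma.t) : \sigma \to \tau}$$

Application:

$$\frac{\Gamma \vdash_\Sigma s : \sigma \to \tau \qquad \Gamma \vdash_\Sigma t : \sigma}{\Gamma \vdash_\Sigma @(s, t) : \tau}$$

Fig. 1. The type system for monomorphic higher-order algebras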

Typable raw terms are called terms. We categorize terms into 
three disjoint classes: 

1. Abstractions, which are headed by $\lambda$;

2. Prealgebraic, which are headed by a function symbol, assuming
that the output type of $f \in \mathcal{F}$ is a base type;

3. Neutral, which are variables or headed by an application. 

A substitution $\sigma$ of domain $\mathcal{D}om(\sigma) = \{x_1, \ldots, x_n\}$ is a set of triples
$\sigma = \{\Gamma_1 \vdash_\Sigma x_1 \mapsto t_1, \ldots, \Gamma_n \vdash_\Sigma x_n \mapsto t_n\}$, such that $x_i$ and $t_i$ have
the same type in the environment $\Gamma_i$. Substitutions are extended
to terms by morphism, variable capture being avoided by renaming
bound variables when necessary. We use post-fixed notation for
substitution application.

A rewrite rule is a triple $\Gamma : l \to r$ such that $Var(r) \subseteq Var(l)$,
and $\Gamma \vdash_\Sigma l : \sigma$ and $\Gamma \vdash_\Sigma r : \sigma$ for some type $\sigma$. Given a set of rules
$R$,

$$s \to t \quad\text{iff}\quad s|_p = l\gamma \text{ and } t = s[r\gamma]_p \text{ for some substitution } \gamma$$

The notation $l \to r \in R$ assumes that the variables bound in $l, r$
(resp. the variables free in $l, r$) are renamed away from the free
variables of $s[\,]_p$ (resp. the bound variables of to avoid captures.
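
An added example (not code from the paper or from the authors' implementation): a Python checker for the typing rules of Figure 1 and for the two rewrite-rule conditions above, run on the lim rule of Example 1 given later in the paper. The sort names Nat and A (a fixed sort standing in for the output type of rec, since the presentation is monomorphic) and all Python names are assumptions of this sketch.

```python
from dataclasses import dataclass

# Types: a data type is a sort name (str); Arrow is a functional type.
@dataclass(frozen=True)
class Arrow:
    dom: object
    cod: object

def arrows(*ts):
    """Right-associated arrow: arrows(a, b, c) is a -> (b -> c)."""
    t = ts[-1]
    for d in reversed(ts[:-1]):
        t = Arrow(d, t)
    return t

# Raw terms of the grammar: variable, abstraction, application, f(t1, ..., tn).
@dataclass(frozen=True)
class Var:
    name: str

@dataclass(frozen=True)
class Lam:
    var: str
    ty: object
    body: object

@dataclass(frozen=True)
class App:
    fn: object
    arg: object

@dataclass(frozen=True)
class Fun:
    name: str
    args: tuple = ()

class IllTyped(Exception):
    pass

def apply(head, *args):
    """@(u, v1, ..., vn) unfolded into binary applications."""
    for a in args:
        head = App(head, a)
    return head

def type_of(t, env, sig):
    """Unique type of raw term t in environment env, or raise IllTyped."""
    if isinstance(t, Var):                      # rule Variables
        if t.name not in env:
            raise IllTyped(f"unbound variable {t.name}")
        return env[t.name]
    if isinstance(t, Fun):                      # rule Functions
        if t.name not in sig:
            raise IllTyped(f"undeclared symbol {t.name}")
        arg_tys, out = sig[t.name]
        if len(arg_tys) != len(t.args):
            raise IllTyped(f"{t.name}: wrong number of arguments")
        for a, expected in zip(t.args, arg_tys):
            if type_of(a, env, sig) != expected:
                raise IllTyped(f"{t.name}: argument type mismatch")
        return out
    if isinstance(t, Lam):                      # rule Abstraction
        return Arrow(t.ty, type_of(t.body, {**env, t.var: t.ty}, sig))
    if isinstance(t, App):                      # rule Application
        ft = type_of(t.fn, env, sig)
        if not isinstance(ft, Arrow) or type_of(t.arg, env, sig) != ft.dom:
            raise IllTyped("application: argument does not match the domain")
        return ft.cod
    raise IllTyped("not a raw term")

def free_vars(t):
    if isinstance(t, Var):
        return {t.name}
    if isinstance(t, Lam):
        return free_vars(t.body) - {t.var}
    if isinstance(t, App):
        return free_vars(t.fn) | free_vars(t.arg)
    return set().union(*(free_vars(a) for a in t.args))

def check_rule(lhs, rhs, env, sig):
    """Check Var(r) included in Var(l) and equal types; return that type."""
    extra = free_vars(rhs) - free_vars(lhs)
    if extra:
        raise IllTyped(f"Var(r) not included in Var(l): {sorted(extra)}")
    ty = type_of(lhs, env, sig)
    if type_of(rhs, env, sig) != ty:
        raise IllTyped("both sides must have the same type")
    return ty

# Signature of Example 1, with constructed sort names "Nat" and "A".
NAT_ORD = Arrow("Nat", "Ord")
V_TY = arrows("Ord", "A", "A")
W_TY = arrows(NAT_ORD, Arrow("Nat", "A"), "A")
SIG = {
    "0": ((), "Ord"),
    "S": (("Ord",), "Ord"),
    "lim": ((NAT_ORD,), "Ord"),
    "rec": (("Ord", "A", V_TY, W_TY), "A"),
}
ENV = {"F": NAT_ORD, "U": "A", "V": V_TY, "W": W_TY}
F, U, V, W = (Var(x) for x in "FUVW")

def rec(x):
    return Fun("rec", (x, U, V, W))

# rec(lim(F), U, V, W) -> @(W, F, \n. rec(@(F, n), U, V, W))
LIM_LHS = rec(Fun("lim", (F,)))
LIM_BODY = Lam("n", "Nat", rec(App(F, Var("n"))))
LIM_RHS = apply(W, F, LIM_BODY)
```

`check_rule(LIM_LHS, LIM_RHS, ENV, SIG)` returns the common type of both sides; the bound variable n is typed through the Abstraction rule and never enters Var(r).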

For simplicity, typing environments are omitted in the rest of the 
paper. 

A higher-order reduction ordering $\succ$ is a well-founded ordering of
the set of typable terms which is

(i) monotonic: $s \succ t$ implies that $u[s] \succ u[t]$;
(ii) stable: $s \succ t$ implies that $s\gamma \succ t\gamma$ for all substitutions $\gamma$;

(iii) functional: $s \to_\beta \cup \to_\eta t$ implies $s \succ t$.

In [4], we show that the rewrite relation generated by $R \cup \{\beta, \eta\}$
can be proved to be strongly normalizing by simply checking that $l \succ r$ for all $l \to r \in R$ with
some higher-order reduction ordering.

3 The Improved Higher-Order Recursive Path Ordering

The improved higher-order recursive path ordering on higher-order
terms is generated from four basic ingredients: a type ordering; an
accessibility relationship; a precedence on function symbols; and a
status for the function symbols. Accessibility is a new ingredient
originating from inductive types, while the other three were already
needed for defining HORPO. We describe these ingredients before
defining the improved higher-order recursive path ordering.

3.1 Ingredients 

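— A quasi-ordering on types $\geq_{\mathcal{T}_S}$, called type ordering, satisfying
the following properties (let $>_{\mathcal{T}_S} = \geq_{\mathcal{T}_S} \setminus \leq_{\mathcal{T}_S}$ be its strict part
and $=_{\mathcal{T}_S} = \geq_{\mathcal{T}_S} \cap \leq_{\mathcal{T}_S}$ be its associated equivalence relation):

1. Well-foundedness: $>_{\mathcal{T}_S}$ is well-founded;

2. Arrow preservation: $\tau \to \sigma =_{\mathcal{T}_S} \alpha$ iff $\alpha = \tau' \to \sigma'$, $\tau' =_{\mathcal{T}_S} \tau$ and $\sigma =_{\mathcal{T}_S} \sigma'$;

3. Arrow decreasingness: $\tau \to \sigma >_{\mathcal{T}_S} \alpha$ implies $\sigma \geq_{\mathcal{T}_S} \alpha$ or $\alpha = \tau' \to \sigma'$, $\tau' =_{\mathcal{T}_S} \tau$ and $\sigma >_{\mathcal{T}_S} \sigma'$;

4. Arrow monotonicity: $\tau \geq_{\mathcal{T}_S} \sigma$ implies both $\alpha \to \tau \geq_{\mathcal{T}_S} \alpha \to \sigma$ and $\tau \to \alpha \geq_{\mathcal{T}_S} \sigma \to \alpha$;

We denote by $\mathcal{T}_S^{min}$ the set of minimal types with respect to
$\geq^{\to}_{\mathcal{T}_S} = (\geq_{\mathcal{T}_S} \cup \rhd)^*$ (reflexive and transitive closure).
We say that a data type $\sigma$ occurs positively (resp. negatively) in
a type $\tau$ if $\tau$ is a data type (resp. $\tau$ is a data type non equivalent
to $\sigma$ in $=_{\mathcal{T}_S}$), or if $\tau = \rho \to \theta$ and $\sigma$ occurs positively (resp.
negatively) in $\theta$ and negatively (resp. positively) in $\rho$.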

— A set $Acc(f)$ of accessible arguments for every function declaration
$f : \sigma_1 \ldots \sigma_n \to \sigma$ with $\sigma$ being a data type, where $i \in [1..n]$
is said to be accessible if all data types occurring in $\sigma_i$ are smaller
than $\sigma$ in the quasi-order $\geq_{\mathcal{T}_S}$, and in case of equivalence (with
$=_{\mathcal{T}_S}$), they must occur only positively in $\sigma_i$. Note that the
application operator $@ : (\alpha \to \beta) \times \alpha \to \beta$ can be seen as a function
symbol with an empty set of accessible positions, since its output
type $\tau$ may occur negatively in any of its two argument types $\sigma$
and $\sigma \to \tau$.

A term $u$ is accessible in $f(\overline{s})$, $f \in \mathcal{F}$, iff there is $i \in Acc(f)$ such
that $u = s_i$ or $u$ is accessible in $s_i$. Accessibility for $f \in \mathcal{F} \cup \{@\}$
is now obtained by adding the minimal type subterms: $s \rhd_{acc} v : \tau$
iff $v$ is accessible in $s$, or $\tau \in \mathcal{T}_S^{min}$, $v$ is a strict subterm of $s$ and
$Var(v) \subseteq Var(s)$. We denote by $\unrhd_{acc}$ the reflexive closure of $\rhd_{acc}$.

— A precedence $\geq_\mathcal{F}$ on $\mathcal{F} \cup \{@\}$, with $f >_\mathcal{F} @$ for all $f \in \mathcal{F}$.

— A status (lexicographic or multiset) for all symbols in $\mathcal{F} \cup \{@\}$
with $@ \in Mul$. The status of the symbol $f$ is denoted by $stat_f$.

We recall important properties of the type ordering [4]: 

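Lemma 1. Assuming $\sigma =_{\mathcal{T}_S} \tau$, $\sigma$ is a data type iff $\tau$ is a data type.

Lemma 2. Let $\geq_{\mathcal{T}_S}$ be a quasi-ordering on types such that $>_{\mathcal{T}_S}$ is
well-founded, arrow monotonic and arrow preserving. Then, the relation
$\geq^{\to}_{\mathcal{T}_S}$ defined as $(\geq_{\mathcal{T}_S} \cup \rhd)^*$, is a well-founded quasi-ordering on
types extending $\geq_{\mathcal{T}_S}$ and $\rhd$, whose equivalence coincides with $=_{\mathcal{T}_S}$.

Lemma 3. $\mathcal{T}_S^{min}$ is a non-empty set of data types if $\mathcal{T}_S \neq \emptyset$.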

3.2 Notations 

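— $s \succ^X t$ for the main ordering, with a finite set of variables $X \subset \mathcal{X}$,
with the convention that $X$ is omitted when empty;

— $s : \sigma \succ^X_{\mathcal{T}_S} t : \tau$ for $s \succ^X t$ and $\sigma \geq_{\mathcal{T}_S} \tau$;

— $s : \sigma \unrhd_{acc}\succeq^X_{\mathcal{T}_S} t : \tau$ for $s \unrhd_{acc} w$ for some $w$ and $@(w, \overline{x}) : \sigma' =_{\mathcal{T}_S} \tau \succeq^X t$
for some $\overline{x} \in X$.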

3.3 Ordering Definition 
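Definition 1. $s : \sigma \succ^X t : \tau$ iff either:

1. $s = f(\overline{s})$ with $f \in \mathcal{F}$ and either of

(a) $s_i \unrhd_{acc}\succeq^X_{\mathcal{T}_S} t$ for some $i$

(b) $t = g(\overline{t})$ with $f =_\mathcal{F} g \in \mathcal{F}$, $s \succ^X \overline{t}$ and $\overline{s}\,(\succ_{\mathcal{T}_S} \cup \rhd_{acc}\succeq^X_{\mathcal{T}_S})_{stat_f}\,\overline{t}$

(c) $t = g(\overline{t})$ with $f >_\mathcal{F} g \in \mathcal{F} \cup \{@\}$ and $s \succ^X \overline{t}$

2. $s = @(u, v)$ and either of

(a) $u \unrhd_{acc}\succeq^X_{\mathcal{T}_S} t$ or $v \unrhd_{acc}\succeq^X_{\mathcal{T}_S} t$

(b) $t = @(u', v')$ and $\{u, v\}\,(\succ^X_{\mathcal{T}_S})_{mul}\,\{u', v'\}$

(c) $u = \lambda x : \alpha.w$ and $w\{x \mapsto v\} \succeq^X t$

3. $s = \lambda x : \alpha.u$ and either of

(a) $u\{x \mapsto z\} \succeq^X_{\mathcal{T}_S} t$ for $z : \alpha$ fresh

(b) $t = \lambda y : \beta.v$, $\alpha =_{\mathcal{T}_S} \beta$ and $u\{x \mapsto z\} \succ^X v\{y \mapsto z\}$ for $z : \beta$ fresh

(c) $u = @(v, x)$, $x \notin Var(v)$ and $v \succeq^X t$

4. (a) $s \notin X$ and $t \in X$

(b) $s \notin X$, $s \neq \lambda x : \alpha.u$, $t = \lambda y : \beta.w$ and $s \succ^{X \cup \{z\}} w\{y \mapsto z\}$
for $z : \beta$ fresh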

Our ordering definition comes in four parts, the first three dealing
with left-hand sides headed respectively by an algebraic symbol, the
application symbol and an abstraction, while the fourth factors out
those cases where the right-hand side is a previously bound variable
or an abstraction.

Cases 1 are very similar (up to type checks) to those of Dershowitz's
recursive path ordering with the subterm case 1a, the status
case 1b and the precedence case 1c. So are Cases 2 and 3. One
difference is that there is an additional case for handling respectively
beta and eta. A more substantial difference is that variable renaming
has become explicit.

The major innovation of this new definition is the annotation of
the ordering by the set of variables $X$ that were originally bound in
the right-hand side term, but have become free by taking some subterm.
This allows rule 4b to pull out abstractions from the right-hand
side regardless of the left-hand side term, meaning that abstractions
are smallest in the precedence. Note that freed variables become
smaller than everything else but variables.

One may wonder why Case 1b is so complicated: the reason is
that using recursively $\overline{s}\,(\succ_{\mathcal{T}_S})_{stat_f}\,\overline{t}$ would lose strong
normalization of the ordering.

We now give an example of use of this new definition with the
inductive type of Brouwer's ordinals, whose constructor lim takes
an infinite sequence of ordinals to build a new, limit ordinal, hence
admits a functional argument of type $\mathbb{N} \to Ord$, in which Ord occurs
positively. As a consequence, the recursor admits a much more
complex structure than that of natural numbers, with an explicit
abstraction in the right-hand side of the rule for lim.

Example 1. Brouwer's ordinals.

$$0 : Ord \qquad S : Ord \Rightarrow Ord \qquad lim : (\mathbb{N} \to Ord) \Rightarrow Ord$$

$$n : \mathbb{N} \qquad N : \mathbb{N} \qquad F : \mathbb{N} \to Ord$$

$$rec : Ord \times \alpha \times (Ord \to \alpha \to \alpha) \times ((\mathbb{N} \to Ord) \to (\mathbb{N} \to \alpha) \to \alpha) \Rightarrow \alpha$$

$$rec(0, U, V, W)$$

$$rec(S(N), U, V, W) \to @(V, N, rec(N, U, V, W))$$

$$rec(lim(F), U, V, W) \to @(W, F, \lambda n.rec(@(F, n), U, V, W))$$

Although the strong normalization of such rules is known to be
difficult to prove, it is checked automatically by our ordering. We only
show how the third rule is included in the ordering.

$$rec(lim(F), U, V, W) \succ_{\mathcal{T}_S} @(W, F, \lambda n.rec(@(F, n), U, V, W))$$

yields 2 subgoals according to Case 1c: $\alpha \geq_{\mathcal{T}_S} \alpha$ and
$rec(lim(F), U, V, W) \succ \{W, F, \lambda n.rec(@(F, n), U, V, W)\}$.
The first one is trivial and the second one simplifies to:

1. $rec(lim(F), U, V, W) \succ W$ which succeeds by Case 1a,

2. $rec(lim(F), U, V, W) \succ F$, which succeeds by Case 1a since $F$ is
accessible in $lim(F)$,

3. $rec(lim(F), U, V, W) \succ \lambda n.rec(@(F, n), U, V, W)$ which yields, by
Case 4b, $rec(lim(F), U, V, W) \succ^{\{n\}} rec(@(F, n), U, V, W)$ yielding,
by Case 1b, two goals

(a) $\{lim(F), U, V, W\}\,(\succ_{\mathcal{T}_S} \cup \rhd_{acc}\succeq^{\{n\}}_{\mathcal{T}_S})_{mul}\,\{@(F, n), U, V, W\}$,
which reduces to $lim(F) \rhd_{acc}\succeq^{\{n\}}_{\mathcal{T}_S} @(F, n)$ which holds by Case 1a
since $F$ is accessible in $lim(F)$, and

(b) $rec(lim(F), U, V, W) \succ^{\{n\}} \{@(F, n), U, V, W\}$, that decomposes
into three goals trivially solved by Case 1a, and
$rec(lim(F), U, V, W) \succ^{\{n\}} @(F, n)$ yielding, by Case 1c,

i. $rec(lim(F), U, V, W) \succ^{\{n\}} F$, which holds by Case 1a, since
$F$ is accessible in $lim(F)$, and

ii. $rec(lim(F), U, V, W) \succ^{\{n\}} n$ which holds by Case 4a,
therefore ending the computation.

4 Strong Normalization 

Theorem 1. is a decidable higher-order reduction ordering. 

Contrasting with our previous proposal made of an ordering part
and a computability closure part, our new ordering is a decidable
inductive definition: $s \succ^X t$ is defined by induction on the triple
$(n, s, t)$, using the order $(>_\mathbb{N}, \to_\beta \cup \rhd, \rhd)_{lex}$, where $n$ is the number
of abstractions in $t$. The quadratic time decidability follows since all
operations used are clearly decidable in linear time. The fact that
it is quadratic comes from those cases that recursively compare
one side with each subterm of the other side. This assumes of course
that precedence and statuses are given, since inferring them yields
NP-completeness as is well-known for the recursive path ordering on
first-order terms.

The stability and monotonicity proofs are routine. As the old one, 
the new definition is not transitive, but this is now essentially due 
to the beta-reduction case 2c. We are left with strong normalization, 
and proceed as in [4]. The computability predicate differs however 
in case of data types, since it has to care about inductive type defi- 
nitions. 

4.1 Candidate Terms 

Because our strong normalization proof is based on Tait and Girard's
reducibility technique, we need to associate to each type $\sigma$, actually
to the equivalence class of $\sigma$ modulo $=_{\mathcal{T}_S}$, a set of terms $[\![\sigma]\!]$ closed
under term formation. In particular, if $s \in [\![\sigma \to \tau]\!]$ and $t \in [\![\sigma]\!]$,
then the raw term $@(s, t)$ must belong to the set $[\![\tau]\!]$ even if it is not
typable, which may arise in case $t$ does not have type $\sigma$ but $\sigma' =_{\mathcal{T}_S} \sigma$.
Relaxing the type system to type terms up to type equivalence $=_{\mathcal{T}_S}$
is routine [4]. We use the notation $t :_C \sigma$ to indicate that the raw
term $t$, called a candidate term (or simply, a term), has type $\sigma$ in
the relaxed system.

4.2 Candidate Interpretations 

In the coming sections, we consider the well-foundedness of the strict
ordering $(\succ_{\mathcal{T}_S})^+$, that is, equivalently, the strong normalization of the
rewrite relation defined by the rules $s \to t$ such that $s \succ_{\mathcal{T}_S} t$. Note
that the set $X$ of previously bound variables is empty. We indeed
have failed proving that the ordering $(\succ^X_{\mathcal{T}_S})^+$ is well-founded for an
arbitrary $X$, and we think that it is not. As usual in this context,
we use Tait and Girard's computability predicate method, with a
definition of computability for candidate terms inspired from [4, 1].
Definition 2. The family of candidate interpretations $\{[\![\sigma]\!]\}_{\sigma \in \mathcal{T}_S}$ is
a family of subsets of the set of candidate terms whose elements are
the least sets satisfying the following properties:

(i) If $\sigma$ is a data type and $s :_C \sigma$ is neutral, then $s \in [\![\sigma]\!]$ iff $t \in [\![\tau]\!]$
for all terms $t$ such that $s \succ_{\mathcal{T}_S} t :_C \tau$;

(ii) If $\sigma$ is a data type and $s = f(\overline{s}) :_C \sigma$ is prealgebraic with
$f : \sigma_1 \ldots \sigma_n \to \sigma' \in \mathcal{F}$, then $s \in [\![\sigma]\!]$ iff $s_i \in [\![\sigma_i]\!]$ for all $i \in Acc(f)$
and $t \in [\![\tau]\!]$ for all terms $t$ such that $s \succ_{\mathcal{T}_S} t :_C \tau$;

(iii) If $\sigma$ is the functional type $\rho \to \tau$ then $s \in [\![\sigma]\!]$ iff $@(s, t) \in [\![\tau]\!]$
for all $t \in [\![\rho]\!]$;

A candidate term $s$ of type $\sigma$ is said to be computable if $s \in [\![\sigma]\!]$.
A vector $\overline{s}$ of terms of type $\overline{\sigma}$ is computable iff so are all its
components. A (candidate) term substitution $\gamma$ is computable if all
candidate terms in $\{x\gamma \mid x \in \mathcal{D}om(\gamma)\}$ are computable.

Our definition of candidate interpretations is based on a lexicographic
combination of an induction on the well-founded type ordering
and a fixpoint computation for data types.

4.3 Computability Properties 

We start with a few elementary properties stated without proofs: 

Lemma 4. Assume $\sigma =_{\mathcal{T}_S} \tau$. Then, $[\![\sigma]\!] = [\![\tau]\!]$.

Lemma 5. $s = @(u, v)$ is computable if $u$ and $v$ are computable.

Lemma 6. $s$ is computable if $s \in \mathcal{T}_S^{min}$ is strongly normalizable.

Lemma 7. Assume that $\overline{s}$ are computable and that $f(\overline{s}) \rhd_{acc} v$ for
some $f \in \mathcal{F} \cup \{@\}$. Then $v$ is computable.

We now give the fundamental properties of the interpretations.
Note that we use our term categorisation to define the computability
predicates, and that this is reflected in the computability properties
below.

(i) Every computable term is strongly normalizable for $\succ_{\mathcal{T}_S}$;

(ii) If $s$ is computable and $s \succeq_{\mathcal{T}_S} t$ then $t$ is computable;

(iii) A neutral term $s$ is computable iff $t$ is computable for all
terms $t$ such that $s \succ_{\mathcal{T}_S} t$;

(iv) An abstraction $\lambda x : \sigma.u$ is computable iff $u\{x \mapsto w\}$ is
computable for all computable terms $w :_C \sigma$;

(v) A prealgebraic term $s = f(\overline{s}) :_C \sigma$ such that $f : \overline{\sigma} \to \tau \in \mathcal{F}$ is
computable if $\overline{s} :_C \overline{\sigma}$ is computable.

All proofs are adapted from [4], with some additional difficulties. 
The first four properties are proved together. 

Proof. Properties (i), (ii), (iii), (iv). Note first that the only if part
of properties (iii) and (iv) is property (ii). We are left with (i), (ii)
and the if parts of (iii) and (iv) which spell out as follows:

Given a type $\sigma$, we prove by induction on the definition of $[\![\sigma]\!]$
that

(i) Given $s :_C \sigma \in [\![\sigma]\!]$, then $s$ is strongly normalizable;

(ii) Given $s :_C \sigma \in [\![\sigma]\!]$ such that $s \succeq_{\mathcal{T}_S} t$ for some $t :_C \tau$, then
$t \in [\![\tau]\!]$;

(iii) A neutral candidate term $u :_C \sigma$ is computable if $w :_C \theta \in [\![\theta]\!]$
for all $w$ such that $u \succ_{\mathcal{T}_S} w$; in particular, variables are computable;

(iv) An abstraction $\lambda x : \alpha.u :_C \sigma$ is computable if $u\{x \mapsto w\}$ is
computable for all $w \in [\![\alpha]\!]$.

We prove each property in turn, distinguishing in each case whether
$\sigma$ is a data or functional type.

(ii) 1. Assume that $\sigma$ is a data type. The result holds by definition
of the candidate interpretations.

2. Let $\sigma = \theta \to \rho$. By arrow preservation and decreasingness
properties, there are two cases:

(a) $\rho \geq_{\mathcal{T}_S} \tau$. Let $y :_C \theta \in \mathcal{X}$. By induction hypothesis (iii),
$y \in [\![\theta]\!]$, hence $@(s, y) \in [\![\rho]\!]$ by definition of $[\![\sigma]\!]$. Since
$@(s, y) :_C \rho \succ_{\mathcal{T}_S} t :_C \tau$ by case 2a of the definition, $t$ is
computable by induction hypothesis (ii).

(b) $\tau = \theta' \to \rho'$, with $\theta =_{\mathcal{T}_S} \theta'$ and $\rho \geq_{\mathcal{T}_S} \rho'$. Since $s$ is
computable, given $u \in [\![\theta']\!]$, then $@(s, u) \in [\![\rho]\!]$. By monotonicity,
$@(s, u) \succ_{\mathcal{T}_S} @(t, u)$. By induction hypothesis (ii)
$@(t, u) \in [\![\rho']\!]$. Since $[\![\theta]\!] = [\![\theta']\!]$ by Lemma 4, $t$ is
computable by definition of $[\![\tau]\!]$.

(i) 1. Assume first that $\sigma$ is a data type. Let $s \succ_{\mathcal{T}_S} t$. By definition of
$[\![\sigma]\!]$, $t$ is computable, hence is strongly normalizable by induction
hypothesis. It follows $s$ is strongly normalizable in this
case.

2. Assume now that $\sigma = \theta \to \tau$ and let $s_0 = s :_C \sigma = \sigma_0 \succ_{\mathcal{T}_S} s_1 :_C \sigma_1 \ldots s_n :_C \sigma_n \ldots$
be a derivation issuing from $s$. Therefore $s_i \in [\![\sigma_i]\!]$ by induction on $i$, using the
assumption that $s$ is computable for $i = 0$ and otherwise by
the already proved property (ii). Such derivations are of the
following two kinds:

(a) $\sigma >_{\mathcal{T}_S} \sigma_i$ for some $i$, in which case $s_i$ is strongly
normalizable by induction hypothesis (i). The derivation issuing
from $s$ is therefore finite.

(b) $\sigma_i =_{\mathcal{T}_S} \sigma$ for all $i$, in which case $\sigma_i = \theta_i \to \tau_i$ with $\theta_i =_{\mathcal{T}_S} \theta$.
Then, $\{@(s_i, y :_C \theta) :_C \tau_i\}_i$ is a sequence of candidate
terms which is strictly decreasing with respect to $\succ_{\mathcal{T}_S}$ by
monotonicity. Since $y :_C \theta$ is computable by induction
hypothesis (iii), $@(s_i, y)$ is computable by definition of $[\![\tau_i]\!]$.
By induction hypothesis, the above sequence is finite,
implying that the starting sequence itself is finite.

Therefore, $s$ is strongly normalizing as well in this case.

(iii) 1. Assume that $\sigma$ is a data type. The result holds by definition
of $[\![\sigma]\!]$.

2. Assume now that $\sigma = \sigma_1 \to \sigma_2$. By definition of $[\![\sigma]\!]$, $u$ is
computable if the neutral term $@(u, u_1)$ is computable for all
$u_1 \in [\![\sigma_1]\!]$. By induction hypothesis, $@(u, u_1)$ is computable iff
all its reducts $w$ are computable.

Since $u_1$ is strongly normalizable by induction hypothesis (i),
we show by induction on the pair $(u_1, |w|)$ ordered by $(\succ_{\mathcal{T}_S}, >_\mathbb{N})_{lex}$
that all reducts $w$ of $@(u, u_1)$ are computable. Since $u$ is
neutral, hence is not an abstraction, there are three possible
cases:

(a) $@(u, u_1) \succ_{\mathcal{T}_S} w$ by Case 2a, therefore $u \unrhd_{acc} v \succeq_{\mathcal{T}_S} w$ or
$u_1 \unrhd_{acc} v \succeq_{\mathcal{T}_S} w$ for some $v$. Since the type of $w$ is smaller or
equal to the type of $@(u, u_1)$, it is strictly smaller than the
type of $u$, hence $w \neq u$. Therefore, in case $v = u$, $w$ is
a reduct of $u$, hence is computable by assumption. Otherwise,
$v$ is $u_1$ or a minimal-type subterm of $u_1$, in which
case it is computable by assumption on $u_1$ and Lemma 6,
or a minimal-type subterm of $u$ in which case $u \succ_{\mathcal{T}_S} v$ by
Case 1a or 2a since the neutral term $u$ is not an abstraction,
and therefore $v$ is computable by assumption. It follows
that $w$ is computable by induction hypothesis (ii).

(b) $@(u, u_1) \succ_{\mathcal{T}_S} w$ by Case 2b, therefore $w = @(w_1, w_2)$ and also
$\{u, u_1\}\,(\succ_{\mathcal{T}_S})_{mul}\,\{w_1, w_2\}$. For type reasons, there are again
two cases:

• $w_1$ and $w_2$ are strictly smaller than $u, u_1$, in which case
$w_1$ and $w_2$ are computable by assumption or induction
hypothesis (ii), hence $w$ is computable by Lemma 5.

• $u = w_1$ and $u_1 \succ_{\mathcal{T}_S} w_2$, implying that $w_2$ is computable
by assumption and induction hypothesis (ii). Then,
since $(u_1, \_)\,(\succ_{\mathcal{T}_S}, >_\mathbb{N})_{lex}\,(w_2, \_)$, we conclude by
induction hypothesis.

(c) $@(u, u_1) \succ_{\mathcal{T}_S} w$ by Case 4b, then $w = \lambda x : \beta.w'$, $x \notin Var(w')$
and $@(u, u_1) \succ w'$. By induction hypothesis (iv)
and the fact that $x \notin Var(w')$, $w$ is computable if $w'$ is
computable. Since the type of $\lambda x : \beta.w'$ is strictly bigger
than the type of $w'$, we get $@(u, u_1) \succ_{\mathcal{T}_S} w'$. We conclude
by induction hypothesis, since $(u_1, \lambda x.w')\,(\succ_{\mathcal{T}_S}, >_\mathbb{N})_{lex}\,(u_1, w')$.

(iv) By definition of $[\![\sigma]\!]$, the abstraction $\lambda x : \alpha.u :_C \sigma$ is computable
if the term $@(\lambda x.u, w)$ is computable for an arbitrary $w \in [\![\alpha]\!]$.
Since variables are computable by induction hypothesis (iii), $u = u\{x \mapsto x\}$
is computable by assumption. By induction hypothesis (i),
$u$ and $w$ are strongly normalizable. We therefore prove
that $@(\lambda x.u, w)$ is computable by induction on the pair $(u, w)$
compared in the ordering $(\succ_{\mathcal{T}_S}, \succ_{\mathcal{T}_S})_{lex}$.

Since $@(\lambda x.u, w)$ is neutral, we need to show that all reducts $v$ of
$@(\lambda x.u, w)$ are computable. We consider the four possible cases
in turn:

1. If $@(\lambda x.u, w) \succ_{\mathcal{T}_S} v$ by Case 2a, there are two cases:

- if $w \succeq_{\mathcal{T}_S} v$, we conclude by induction hypothesis (ii) that $v$
is computable.

- if $\lambda x.u \succeq_{\mathcal{T}_S} v$, then $\lambda x.u \succ_{\mathcal{T}_S} v$ since the type of $\lambda x.u$ must
be strictly bigger than the type of $v$. There are two cases
depending on the latter comparison.

If the comparison is by Case 3a, then $u \succeq_{\mathcal{T}_S} v$, and we conclude
by induction hypothesis (ii) that $v$ is computable.
If the comparison is by Case 3b, then $v = \lambda x : \alpha'.u'$ with
$\alpha =_{\mathcal{T}_S} \alpha'$. By stability, $u\{x \mapsto w\} \succ_{\mathcal{T}_S} u'\{x \mapsto w\}$, hence
$u'\{x \mapsto w\}$ is computable by property (ii) for an arbitrary
$w \in [\![\alpha]\!] = [\![\alpha']\!]$ by Lemma 4. It follows that $v$ is computable
by induction hypothesis, since $(u, \_)\,(\succ_{\mathcal{T}_S}, \succ_{\mathcal{T}_S})_{lex}\,(u', \_)$.

2. If $@(\lambda x.u, w) \succ_{\mathcal{T}_S} v$ by case 2b, then $v = @(v_1, v_2)$, and by
definition, $\{\lambda x.u, w\}\,(\succ_{\mathcal{T}_S})_{mul}\,\{v_1, v_2\}$. There are three cases:

- $v_1 = \lambda x.u$ and $w \succ_{\mathcal{T}_S} v_2$. Then $v_2$ is computable by induction
hypothesis (ii) and, since $u\{x \mapsto v_2\}$ is computable by
the main assumption, $@(v_1, v_2)$ is computable by induction
hypothesis, since $(\lambda x.u, w)\,(\succ_{\mathcal{T}_S}, \succ_{\mathcal{T}_S})_{lex}\,(\lambda x.u, v_2)$.

- Terms in $\{v_1, v_2\}$ are reducts of $u$ and $w$. Therefore, $v_1$ and
$v_2$ are computable by induction hypothesis (ii) and $v$ is
computable by Lemma 5.

- Otherwise, for typing reason, $v_1$ is a reduct of $\lambda x.u$ of the
form $\lambda x.u'$ with $u \succ_{\mathcal{T}_S} u'$, and $v_2$ is a reduct of the previous
kind. By the main assumption, $u\{x \mapsto v''\}$ is computable for
an arbitrary computable $v''$. Besides, $u\{x \mapsto v''\} \succ_{\mathcal{T}_S} u'\{x \mapsto v''\}$
by stability. Therefore $u'\{x \mapsto v''\}$ is computable for an
arbitrary computable $v''$ by induction hypothesis (ii). Then
$@(v_1, v_2)$ is computable by induction hypothesis, since
$(u, \_)\,(\succ_{\mathcal{T}_S}, \succ_{\mathcal{T}_S})_{lex}\,(u', \_)$.

3. If $@(\lambda x.u, w) \succ_{\mathcal{T}_S} v$ by Case 4b, then $v = \lambda x.v'$, $x \notin Var(v')$
and $@(\lambda x.u, w) \succ_{\mathcal{T}_S} v'$. Since $\lambda x.v' \succ_{\mathcal{T}_S} v'$ by Case 3a, $v'$ is
computable by induction hypothesis. Since $x \notin Var(v')$, it follows
that $\lambda x.v'$ is computable.

4. If $@(\lambda x.u, w) \succ_{\mathcal{T}_S} v$ by case 2c, then $u\{x \mapsto w\} \succeq_{horpo} v$. By
assumption, $u\{x \mapsto w\}$ is computable, and hence $v$ is
computable by property (ii). □

We are left with property (v) whose proof differs from [4].

Proof. Property (v). As we have seen, each data type interpretation
$[\![\sigma]\!]$ is the least fixpoint of a monotone function $G$ on the powerset
of the set of terms. Hence, for every computable term $t \in [\![\sigma]\!]$, there
exists a smallest ordinal $o(t)$ such that $t \in G^{o(t)}(\emptyset)$, where $G^a$ is
the $a$ transfinite iteration of $G$. The relation $\sqsupset$, defined by $t \sqsupset u$
iff $o(t) > o(u)$, is a well-founded ordering which is compatible with
$\succ_{\mathcal{T}_S}$: if $t \succ_{\mathcal{T}_S} u$ then $t \sqsupseteq u$. The proof is by induction on the type
ordering. Therefore, $\succ_{\mathcal{T}_S} \cup \sqsupset$ is well-founded on computable terms.
Note that the result would again hold for terms headed by a function
symbol with a functional output.

We use this remark to build our outer induction argument: we
prove that $f(\overline{s})$ is computable by induction on the pair $(f, \overline{s})$
ordered lexicographically by $(>_\mathcal{F}, (\succ_{\mathcal{T}_S} \cup \sqsupset)_{stat_f})_{lex}$. This is our outer
statement (OH).

Since $f(\overline{s})$ is prealgebraic, it is computable if every subterm at
an accessible position is computable (which follows by assumption)
and reducts $t$ of $s$ are computable.

Since $\succ_{\mathcal{T}_S}$ is defined in terms of $\succ^X$, we actually prove by an
inner induction on the recursive definition of $\succ^X$ the more general
inner statement (IH) that $t\gamma$ is computable for an arbitrary term $t$
such that $f(\overline{s}) \succ^X t$ and computable substitution $\gamma$ of domain $X$ such
that $X \cap Var(\overline{s}) = \emptyset$. Since the identity substitution is computable
by property (iii), our inner induction hypothesis implies our outer
induction hypothesis.



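1. If $f(\overline{s}) \succ^X u$ by Case 4a, then $u \in X$ and we conclude by
assumption on $\gamma$ that $u\gamma$ is computable.

2. If $f(\overline{s}) \succ^X u$ by Case 1a, then $s_i \unrhd_{acc} t$ for some $i$ and $@(t, \overline{x}) \succeq_{\mathcal{T}_S} u$
for some $\overline{x} \in X$. By assumption on $\overline{s}$ and Lemma 7, $t$ is
computable. Since $t$ is a subterm of $\overline{s}$ and $X \cap Var(\overline{s}) = \emptyset$, then $t\gamma = t$
is computable. It follows that $@(t, \overline{x}\gamma)$ is computable. Thus, by
stability, $u\gamma$ is computable.

3. If $f(\overline{s}) \succ^X u$ by case 1b, then $u = g(\overline{u})$, $f =_\mathcal{F} g$, $s \succ^X \overline{u}$ and finally
$\overline{s}\,(\succ_{\mathcal{T}_S} \cup \rhd_{acc}\succeq_{\mathcal{T}_S})_{stat}\,\overline{u}$. By the inner induction hypothesis, $\overline{u}\gamma$ is
computable. Assume now that $s_i : \sigma_i \rhd_{acc} v$ and $@(v, \overline{x}) : \sigma'_i =_{\mathcal{T}_S} \sigma_i \succ_{\mathcal{T}_S} u_i$.
Using the fact that $X \cap Var(\overline{s}) = \emptyset$, by stability we get
$s_i\gamma = s_i \rhd_{acc} v\gamma = v$ and $@(v, \overline{x})\gamma = @(v, \overline{x}\gamma) : \sigma'_i =_{\mathcal{T}_S} \sigma_i \succ_{\mathcal{T}_S} u_i\gamma$.
Moreover, by definition of computability, $s_i \sqsupset @(v, \overline{x}\gamma)$. Therefore,
$u\gamma = f(\overline{u}\gamma)$ is computable by the outer induction hypothesis.

4. If $f(\overline{s}) \succ^X u$ by case 4b, then $u = \lambda x.v$ with $x \notin Var(\overline{s})$ and
$f(\overline{s}) \succ^{X \cup \{x\}} v$. By the inner induction hypothesis, $v(\gamma \cup \{x \mapsto w\})$
is computable for an arbitrary computable $w$. Assuming without
loss of generality that $x \notin \mathcal{R}an(\gamma)$, then $v(\gamma \cup \{x \mapsto w\}) = (v\gamma)\{x \mapsto w\}$.
Therefore, $u\gamma = \lambda x.v\gamma$ is computable by
computability property (iv).

5. If $f(\overline{s}) \succ^X u$ by Case 1c, then $u = g(\overline{u})$ with $g \in \mathcal{F} \cup \{@\}$ and
$s \succ^X \overline{u}$. By the inner induction hypothesis, $\overline{u}\gamma$ is computable. We
conclude by Lemma 5 in case $g = @$ and by the outer induction
hypothesis if $g \in \mathcal{F}$. □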
4.4 Strong Normalization

We are now ready for the strong normalization proof. From the previous
properties, one can easily prove the following lemma by induction
on the term structure:

Lemma 8. Let $\gamma$ be a type-preserving computable substitution and
$t$ be an algebraic λ-term. Then $t\gamma$ is computable.

The proof of our main theorem follows from Lemma 8 when using
the identity substitution, and from computability property (i).

5 Conclusion 

An implementation of the new definition with examples is available 
from the web page of the third author. 

There are still a few possible improvements that we have not yet
explored, such as ordering the abstractions according to their type,
increasing the set of accessible terms for applications that satisfy
the strict positivity restriction, and showing that the new definition
is strictly more general than the general schema when adopting the
same type discipline. A more difficult problem to be investigated
then is the generalization of this new definition to the calculus of
constructions along the lines of [5].